Hacking Goals: A Goal-Centric Attack Classification Framework - Testing Software and Systems
Conference Papers Year : 2020

Hacking Goals: A Goal-Centric Attack Classification Framework

Abstract

Attack classification does represent a crucial activity in different security areas. During security assessment, it makes it easier to define which attacks must be performed. When conducting threat modeling activities, it simplifies the definition of attack graphs. Many works have addressed the attack taxonomy problem, by introducing different ways to classify attacks. However, these classifications are centered around vulnerabilities and have all been designed from the point of view of those defending a system. Nowadays, companies have a growing interest in Penetration Testing activities, as they have proven effective in detecting vulnerabilities. Penetration testers perform their activity by focusing on goals rather than attack types. In this paper we introduce a “goal-centric” methodology to classify attacks in terms of Hacking Goals.
Fichier principal
Vignette du fichier
497758_1_En_19_Chapter.pdf (182.8 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03239816 , version 1 (27-05-2021)

Licence

Identifiers

Cite

Francesco Caturano, Gaetano Perrone, Simon Pietro Romano. Hacking Goals: A Goal-Centric Attack Classification Framework. 32th IFIP International Conference on Testing Software and Systems (ICTSS), Dec 2020, Naples, Italy. pp.296-301, ⟨10.1007/978-3-030-64881-7_19⟩. ⟨hal-03239816⟩
78 View
83 Download

Altmetric

Share

More